|This article needs additional citations for verification. (September 2013) (Learn how and when to remove this template message)|
e-QIP (Electronic Questionnaires for Investigations Processing) is a secure website managed by OPM that is designed to automate the common security questionnaires used to process federal background investigations. e-QIP was created in 2003 as part of the larger e-Clearance initiative designed to speed up the process of federal background investigations conducted by OPM's Federal Investigative Services (FIS). e-QIP is a front end data collection tool that has automated the SF-86, questionnaire for national security investigations as well as the SF-85P, the questionnaire for public trust positions. e-QIP allows applicants for federal jobs to enter, edit and submit their investigation data over a secure internet connection to their sponsoring agency for review and approval.
Security clearance requirements
An individual cannot apply for a security clearance. A cleared federal contractor or government entity must sponsor you. You must either (a) be an employee of or consultant for that cleared contractor, or (b) have received and accepted a written offer of employment from the cleared contractor. That offer must also indicate your employment will begin within 30 days of receiving your clearance, or (c) be a member of the United States Armed Forces, or (d) authorized federal employee.
A cleared contractor's Facility Security Officer (FSO) starts the process in two ways. First the FSO sends an investigation request through the Joint Personnel Adjudication System (JPAS). Second, the FSO has the employee complete a clearance application in the Electronic Questionnaires for Investigations Processing (e-QIP). After review and approval of that information, the FSO submits the completed e-QIP to the Defense Industrial Security Clearance Office (DISCO) for review. Once DISCO approves the information, it is sent on to Office of Personnel Management (OPM), which conducts the actual investigation and sends the findings back to DISCO. DISCO then either gives clearance, or forwards the results to Defense Office of Hearings and Appeals (DOHA) for further action.
Intelligence community clearances
The Intelligence Community Security Clearance Repository, commonly known as Scattered Castles, is an up-to-date, authoritative source of clearance and access information on approximately 2 million IC and Department of Defense personnel. Scattered Castles is hosted as Community of Interest (COI) on the Joint Worldwide Intelligence Communications System (JWICS). The scope of the Scattered Castles Program is to provide a common, trusted repository of individuals' clearance and accesses, easily accessible by a controlled set of security professionals within the IC with a valid need to verify clearance and access information.
e-QIP security breach
In March 2014, a breach of security for the e-QIP system was detected. Press reports in July of that year attributed the exploit to "Chinese Hackers", James Clapper later confirmed this suspicion. More than a year later, it was revealed that sensitive records for millions of federal workers and contractors was improperly accessed, and the OPM shut down the system for security work.
Press reports suggest the information was retrieved using stolen credentials of an employee of KeyPoint Government Solutions, a privately owned provider of background check services for the government. An OPM audit of KeyPoint's security practices found shortcomings in their practices.
- "Chinese Hackers Pursue Key Data on U.S. Workers". New York Times. 2014-07-09.
- Chabrow, Eric (2014-07-10). "U.S. Government Personnel Network Breached". govinfosecurity.com.
- Levine, Mike (2015-06-29). "In Wake Of Hack, OPM Shutters System For Federal Background Checks". ABC News.
- "OPM Reopens Online Federal Background Check System". NBC News.
- Levine, Mike; Date, Jack. "Feds Eye Link to Private Contractor in Massive Government Hack". ABC News. Retrieved 2016-03-02.
- Levine, Mike (2015-06-24). "Contractor Linked to OPM Hack Says 'Not Responsible,' As Questions Persist". ABC News.
- Lyngaas, Sean (2016-02-18). "IG details OPM contractor's security flaws". FCW. Retrieved 2016-03-02.